From 7edeeab42abe6a4ac98592eaeb95ef15308aa99e Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 20 Jan 2019 09:12:05 +0000
Subject: Provide a way to get just the record header.

Also check record size limits when reading records and setting data.

ok tb@
---
 src/lib/libssl/tls13_record.c | 24 ++++++++++++++++++++++--
 src/lib/libssl/tls13_record.h | 16 +++++++++++-----
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/src/lib/libssl/tls13_record.c b/src/lib/libssl/tls13_record.c
index 857d3bee49..1a4e22ee47 100644
--- a/src/lib/libssl/tls13_record.c
+++ b/src/lib/libssl/tls13_record.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record.c,v 1.1 2019/01/19 02:53:54 jsing Exp $ */
+/* $OpenBSD: tls13_record.c,v 1.2 2019/01/20 09:12:05 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -62,6 +62,17 @@ tls13_record_free(struct tls13_record *rec)
 	freezero(rec, sizeof(struct tls13_record));
 }
 
+int
+tls13_record_header(struct tls13_record *rec, CBS *cbs)
+{
+	if (rec->data_len < TLS13_RECORD_HEADER_LEN)
+		return 0;
+
+	CBS_init(cbs, rec->data, TLS13_RECORD_HEADER_LEN);
+
+	return 1;
+}
+
 uint8_t
 tls13_record_content_type(struct tls13_record *rec)
 {
@@ -89,13 +100,18 @@ tls13_record_data(struct tls13_record *rec, CBS *cbs)
 	CBS_init(cbs, rec->data, rec->data_len);
 }
 
-void
+int
 tls13_record_set_data(struct tls13_record *rec, uint8_t *data, size_t data_len)
 {
+	if (data_len > TLS13_RECORD_MAX_LEN)
+		return 0;
+
 	freezero(rec->data, rec->data_len);
 	rec->data = data;
 	rec->data_len = data_len;
 	CBS_init(&rec->cbs, rec->data, rec->data_len);
+
+	return 1;
 }
 
 ssize_t
@@ -124,6 +140,10 @@ tls13_record_recv(struct tls13_record *rec, tls13_read_cb wire_read,
 		if (!CBS_get_u16(&cbs, &rec_len))
 			return TLS13_IO_FAILURE;
 
+		/* XXX - record overflow alert. */
+		if (rec_len > TLS13_RECORD_MAX_CIPHERTEXT_LEN)
+			return TLS13_IO_FAILURE;
+
 		rec->content_type = content_type;
 		rec->rec_len = rec_len;
 	}
diff --git a/src/lib/libssl/tls13_record.h b/src/lib/libssl/tls13_record.h
index ca7a63f99c..72350d5d49 100644
--- a/src/lib/libssl/tls13_record.h
+++ b/src/lib/libssl/tls13_record.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record.h,v 1.1 2019/01/19 02:53:54 jsing Exp $ */
+/* $OpenBSD: tls13_record.h,v 1.2 2019/01/20 09:12:05 jsing Exp $ */
 /*
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -24,7 +24,7 @@
 __BEGIN_HIDDEN_DECLS
 
 /*
- * TLSv1.3 - RFC 8446 section 5.
+ * TLSv1.3 Record Protocol - RFC 8446 section 5.
  *
  * The maximum plaintext is 2^14, however for inner plaintext an additional
  * byte is allowed for the content type. A maximum AEAD overhead of 255-bytes
@@ -36,17 +36,23 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_RECORD_MAX_PLAINTEXT_LEN		16384
 #define TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN \
 	(TLS13_RECORD_MAX_PLAINTEXT_LEN + 1)
-#define TLS13_RECORD_MAX_CIPHERTEXT \
+#define TLS13_RECORD_MAX_CIPHERTEXT_LEN \
 	(TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN + TLS13_RECORD_MAX_AEAD_OVERHEAD)
 #define TLS13_RECORD_MAX_LEN \
-	(TLS13_RECORD_HEADER_LEN + TLS13_RECORD_MAX_CIPHERTEXT)
+	(TLS13_RECORD_HEADER_LEN + TLS13_RECORD_MAX_CIPHERTEXT_LEN)
+
+/*
+ * TLSv1.3 Per-Record Nonces and Sequence Numbers - RFC 8446 section 5.3.
+ */
+#define TLS13_RECORD_SEQ_NUM_LEN 8
 
 struct tls13_record *tls13_record_new(void);
 void tls13_record_free(struct tls13_record *_rec);
+int tls13_record_header(struct tls13_record *_rec, CBS *_cbs);
 uint8_t tls13_record_content_type(struct tls13_record *_rec);
 int tls13_record_content(struct tls13_record *_rec, CBS *_cbs);
 void tls13_record_data(struct tls13_record *_rec, CBS *_cbs);
-void tls13_record_set_data(struct tls13_record *_rec, uint8_t *_data,
+int tls13_record_set_data(struct tls13_record *_rec, uint8_t *_data,
     size_t _data_len);
 ssize_t tls13_record_recv(struct tls13_record *_rec, tls13_read_cb _wire_read,
     void *_wire_arg);
-- 
cgit v1.2.3-55-g6feb